| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 |
- .\" Man page generated from reStructuredText.
- .
- .
- .nr rst2man-indent-level 0
- .
- .de1 rstReportMargin
- \\$1 \\n[an-margin]
- level \\n[rst2man-indent-level]
- level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
- -
- \\n[rst2man-indent0]
- \\n[rst2man-indent1]
- \\n[rst2man-indent2]
- ..
- .de1 INDENT
- .\" .rstReportMargin pre:
- . RS \\$1
- . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
- . nr rst2man-indent-level +1
- .\" .rstReportMargin post:
- ..
- .de UNINDENT
- . RE
- .\" indent \\n[an-margin]
- .\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
- .nr rst2man-indent-level -1
- .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
- .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
- ..
- .TH "BORG-KEY-CHANGE-ALGORITHM" 1 "2022-06-25" "" "borg backup tool"
- .SH NAME
- borg-key-change-algorithm \- Change repository key algorithm
- .SH SYNOPSIS
- .sp
- borg [common options] key change\-algorithm [options] ALGORITHM
- .SH DESCRIPTION
- .sp
- Change the algorithm we use to encrypt and authenticate the borg key.
- .sp
- Important: In a \fIrepokey\fP mode (e.g. repokey\-blake2) all users share the same key.
- In this mode upgrading to \fIargon2\fP will make it impossible to access the repo for users who use an old version of borg.
- We recommend upgrading to the latest stable version.
- .sp
- Important: In a \fIkeyfile\fP mode (e.g. keyfile\-blake2) each user has their own key (in \fB~/.config/borg/keys\fP).
- In this mode this command will only change the key used by the current user.
- If you want to upgrade to \fIargon2\fP to strengthen security, you will have to upgrade each user\(aqs key individually.
- .sp
- Your repository is encrypted and authenticated with a key that is randomly generated by \fBborg init\fP\&.
- The key is encrypted and authenticated with your passphrase.
- .sp
- We currently support two choices:
- .INDENT 0.0
- .IP 1. 3
- argon2 \- recommended. This algorithm is used by default when initialising a new repository.
- The key encryption key is derived from your passphrase via argon2\-id.
- Argon2 is considered more modern and secure than pbkdf2.
- .IP 2. 3
- pbkdf2 \- the legacy algorithm. Use this if you want to access your repo via old versions of borg.
- The key encryption key is derived from your passphrase via PBKDF2\-HMAC\-SHA256.
- .UNINDENT
- .sp
- Examples:
- .INDENT 0.0
- .INDENT 3.5
- .sp
- .nf
- .ft C
- # Upgrade an existing key to argon2
- borg key change\-algorithm /path/to/repo argon2
- # Downgrade to pbkdf2 \- use this if upgrading borg is not an option
- borg key change\-algorithm /path/to/repo pbkdf2
- .ft P
- .fi
- .UNINDENT
- .UNINDENT
- .SH OPTIONS
- .sp
- See \fIborg\-common(1)\fP for common options of Borg commands.
- .SS arguments
- .INDENT 0.0
- .TP
- .B ALGORITHM
- select key algorithm
- .UNINDENT
- .SH SEE ALSO
- .sp
- \fIborg\-common(1)\fP
- .SH AUTHOR
- The Borg Collective
- .\" Generated by docutils manpage writer.
- .
|
